From 74c88a25203e7db293ca7a1c31b789e6558129fd Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Wed, 26 May 2021 11:10:18 +0200 Subject: [PATCH] man: try to clarify that nss-mymachines does not provide name resolution outside its own scope Fixes: #18229 --- man/nss-mymachines.xml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/man/nss-mymachines.xml b/man/nss-mymachines.xml index 03fcd4308e0..baec10954b2 100644 --- a/man/nss-mymachines.xml +++ b/man/nss-mymachines.xml @@ -39,6 +39,15 @@ Note that the name that is resolved is the one registered with systemd-machined, which may be different than the hostname configured inside of the container. + Note that this NSS module only makes available names of the containers running immediately below + the current system context. It does not provide host name resolution for containers running side-by-side + with the invoking system context, or containers further up or down the container hierarchy. Or in other + words, on the host system it provides host name resolution for the containers running immediately below + the host environment. When used inside a container environment however, it will not be able to provide + name resolution for containers running on the host (as those are siblings and not children of the current + container environment), but instead only for nested containers running immediately below its own + container environment. + To activate the NSS module, add mymachines to the line starting with hosts: in /etc/nsswitch.conf.